Scroll Top


The call for papers will be opened on April 1st 2022 / “Untapped” on the 1st of August

This is the Call for Papers (CFP) for talks and workshops and Call for Training (CFT) for the 14th edition of BruCON or #BruCON0x0E (29 – 30 September 2022).

On the off chance you don’t know BruCON (where have you been?). We host a 2-day Security and Hacking Conference full of interesting presentations, workshops and security challenges for about 600 attendees. BruCON is an open-minded gathering of people discussing computer security, privacy, and information technology. The conference tries to build bridges between the various actors active in the computer security world including (but not limited to) hackers, security professionals, security communities, non-profit organisations, CERTs, students, law enforcement agencies, and many more.

Next to the conference we offer several world-class, deep-dive offensive and defensive technical training courses given by the most recognized experts with huge industry experience in their domain! These training sessions take place twice a year, Spring Training takes places in April 2022 (Registration and line-up here) and conference training tracks are on 26, 27 and 28th of September 2022. Our slogan is “Hacking for Beer” of which you’ll find plenty during and after the conference and training.

For both the conference and our training courses we have selected a new venue which is in line with the BruCON theme, namely beer! The Lamot in Mechelen is an event location held which used to be a brewery. A new location also means a new city to explore, so keep an eye out for the annual hacker run!  

COVID-19 specifics

At the time of publishing this post, Belgium is in code Yellow which means that aside from monitoring the CO2 quality, no further restrictions are mandatory. Mouth masks are still recommended, yet not mandatory. Since it is impossible to predict the situation in September, we ask for everyone’s flexibility. We are starting this CFP on the premise that we will have an in-person conference (and as always stream all talks live). So for this, please only submit if you can comply with these agreements:

  • Talks, Workshops and ICS-IOT Village : On-site in person
  • Training: Preferably on-site, if you prefer not to, indicate this when you submit to the CFT


Topics of interest for the conference include, but are not limited to :

  • Electronic/Digital Privacy
  • IoT Security
  • Wireless Network and Security
  • Attacks on Information Systems and/or Digital Information Storage
  • Web Application and Web Services Security
  • Lockpicking & physical security
  • Honeypots/Honeynets
  • Spyware, Phishing and Botnets (Distributed attacks)
  • Hardware hacking, embedded systems and other electronic devices
  • Mobile devices exploitation, Symbian, P2K and bluetooth technologies
  • Electronic Voting
  • Vulnerability research and disclosure
  • Free Software and Security
  • Legal and Social Aspect of Information Security
  • Software Engineering and Security
  • Security in Information Retrieval
  • Security aspects in SCADA, industrial environments and “obscure” networks
  • Forensics and Anti-Forensics
  • Mobile communications security and vulnerabilities
  • Information warfare and industrial espionage
  • Social Engineering
  • Virtualisation Security

ICS/IOT Village

The ICS/IOT Village is a dedicated area where attendees with a relative “safe” environment to learn more about the (in)security of technologies that you are less likely to encounter on a day-to-day basis such as industrial control systems, electronic voting devices, etc.

Just like previous years we host the Village in a dedicated area where you can immersive yourself in technologies related to:

  • Automotive security
  • Electronic voting
  • Embedded circuits
  • Hardware hacking
  • Industrial control systems or simply buzzword “SCADA”
  • Radio frequency and other wireless networks
  • (Industrial) IoT
  • etc.

Submission format

Possible formats are:

  • 1hr talk
  • 2hr workshop (preferably hands on)
  • 4hr workshop (preferably hands on)

If you want to get an idea about the atmosphere at BruCON, check out the previous talks on our Youtube channel.

Training (not for Untapped)

Please take into account the following guidelines for submitting a training course for BruCON.

BruCON is shifting from hosting predominantly offensive technical security training sessions to a combination of offensive and defensive courses. We don’t have any specific focus areas, so please submit any training you deem interesting !

Training should be either 2 or 3 days. You are allowed to submit multiple training suggestions, however please specify if they can be hosted simultaneously.

If you have additional hardware that need to be taken into account, please specify including the additional costs.

If you submit a training, please include, at minimum, the following information :

  • Description
  • Course content
  • Target audience
  • Level (Beginner, Advanced, Expert)
  • Trainer(s) Biography
  • Hosted before? If so, where and when

Possible formats are:

  • 2-day training (1300 € Early-bird / 1400 € Regular)
  • 3-day training (1600 € Early-bird / 1700 € Regular)

Submission Guidelines

Submissions will contain as much detail as possible and will be written in English. We use EasyChair to collect and review talk, workshop and training proposals. You will submit your proposal online:

Your submission will contain at least the following details:

  • Your name (duh)
  • A picture of yourself
  • Where do you live (country)
  • How to reach you
  • The title of your talk/workshop/training, including type
    • Talk
    • 2h or 4h workshop
    • 2- or 3-day training
  • General Track or ICS/IOT Village Track
  • An abstract of your talk/workshop/training, including a brief biography
  • A number of keywords to characterize your submission
  • Whether you submitted and/or presented this proposal at other conferences
  • Additionally you are encouraged to include, in plain text or PDF format, supporting materials such as slide decks, white papers, curriculum, prerequisites for talk/workshop/training, outline,…


  • CFP/CFT Open : April 1st 2022
  • CFP/CFT Closes : April 30th 2022 Midnight CET
  • Feedback on all talks and workshops : May 30rd 2022
  • Talks / Workshops published : June 15th 2022
  • Training published : June 30th 2022 (Potentially earlier)
  • BruCON 0x0E Training : September 26, 27 and 28 2022
  • BruCON 0x0E Conference : September 29 and 30 2022

Schedule “Untapped

  • CFP/CFT Open : August 1st 2022
  • CFP/CFT Closes : August 31st 2022
  • Feedback on all talks : September 10th 2022
  • BruCON 0x0E Conference : September 29 and 30 2022

Submit an Untapped talk via this link

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.